The Office of the National Coordinator for Health IT has published a governance framework for health information exchange aimed at helping HIEs and other health organizations “align their work with national priorities.”
The framework stems from, and is in part an alternative to, the now-abandoned pursuit of governance for the nationwide health information network. The ONC decided to discontinue the formal rulemaking process, national coordinator Farzad Mostashari, MD, explained, and “instead implement an approach that provides a means for defining and implementing nationwide trusted exchange with higher agility, and lower likelihood of regret.”
The framework is meant to provide a “common conceptual foundation applicable to all types of governance models and expresses the principles ONC believes are most important for HIE governance,” ONC officials wrote. Rather than prescribing “specific solutions,” it “lays out milestones and outcomes that ONC expects for and from HIE governance entities.”
The principles cover trust with patients, business management, organizational approaches for self-governance, and technical issues and standards.
The trust principles state that patients should be able to publicly access, in consumer-friendly language, a “Notice of Data Practices” explaining the reasons why personally identifiable and de-identified data would or could be electronically exchanged (among them treatment, payment, research, quality improvement, public health reporting and population health management).
According to the framework, patients should also be able to receive a simple explanation of an HIE’s privacy and security policies, be offered a choice for allowing personally identifiable information to be digitally shared, be able to request data exchange limits based on the data type or source (such as for substance abuse treatment), be able to digitally access and request corrections to their personally identifiable information, and be assured that their information is consistently and accurately matched when electronically exchanged.
HIE operations, according to the framework, should strive for transparency and openness, for providers, payers and patients, and should also have protocols for ensuring adherence to organizational policy and federal and state laws and regulations.
For HIE business principles, the framework states: “Responsible financial and operational HIE policy is vital to improving care coordination, improving the efficiency of healthcare delivery, and mitigating behaviors that could result in proprietary networks and resistance to exchanging information even when it could enhance patient care.”
The ONC is recommending that HIE organizations set standards of participation promoting collaboration and avoiding “instances where (even when permitted by law) differences in fees, policies, services, or contracts would prevent patients’ health information from being electronically exchanged.”
Additionally, the framework suggests, HIEs should provide open access to exchange services (like directory data) so local, regional and nationwide partners can identify who they can electronically exchange information with; publish statistics on exchange capacity and patient volume; and maintain and share information on compliance, standards, security, and best practices.
In its technical principles, ONC recommends that HIEs should “prioritize, where available, the exclusive use of federal vocabulary, content, transport and security standards, and associated implementation specifications adopted to support HIE.” Or, if not adopting federal standards, HIEs should encourage the vocabulary, content, transport, security standards, and implementation specifications developed by voluntary consensus standards organizations.
Following the framework, HIEs should work with voluntary consensus standards organizations to develop standards for specific use cases and volunteer to pilot and use new standards when none exist, and also “take an active role” in developing and implementing conformance assessment and testing methods for HIE, and use testing methods developed to assess compliance with federal standards.
The framework is intended be “a living document,” Mostashari explained, and ONC “will consider updating these principles over time to reflect policy changes, technological maturity, and market innovations, as necessary.”